The commit is included in plucky master-next.
commit 90c4ea360f83fab58c6afeb8d704dba5d03cf02a
Author: Sergey Senozhatsky <[email protected]>
Date: Fri Mar 28 00:03:50 2025 +0900
thunderbolt: Do not double dequeue a configuration request
BugLink: https://bugs.launchpad.net/bugs/2119039
commit 0f73628e9da1ee39daf5f188190cdbaee5e0c98c upstream.
Some of our devices crash in tb_cfg_request_dequeue():
general protection fault, probably for non-canonical address
0xdead000000000122
CPU: 6 PID: 91007 Comm: kworker/6:2 Tainted: G U W 6.6.65
RIP: 0010:tb_cfg_request_dequeue+0x2d/0xa0
Call Trace:
<TASK>
? tb_cfg_request_dequeue+0x2d/0xa0
tb_cfg_request_work+0x33/0x80
worker_thread+0x386/0x8f0
kthread+0xed/0x110
ret_from_fork+0x38/0x50
ret_from_fork_asm+0x1b/0x30
The circumstances are unclear, however, the theory is that
tb_cfg_request_work() can be scheduled twice for a request:
first time via frame.callback from ring_work() and second
time from tb_cfg_request(). Both times kworkers will execute
tb_cfg_request_dequeue(), which results in double list_del()
from the ctl->request_queue (the list poison deference hints
at it: 0xdead000000000122).
Do not dequeue requests that don't have TB_CFG_REQUEST_ACTIVE
bit set.
Signed-off-by: Sergey Senozhatsky <[email protected]>
Cc: [email protected]
Signed-off-by: Mika Westerberg <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
CVE-2025-38174
Signed-off-by: Manuel Diewald <[email protected]>
Signed-off-by: Mehmet Basaran <[email protected]>
** Changed in: linux (Ubuntu Plucky)
Status: New => Fix Released
** Changed in: linux (Ubuntu Noble)
Status: New => Invalid
** Changed in: linux-oem-6.14 (Ubuntu Noble)
Status: New => In Progress
** Changed in: linux-oem-6.14 (Ubuntu Noble)
Assignee: (unassigned) => AceLan Kao (acelankao)
** Changed in: linux-oem-6.14 (Ubuntu Plucky)
Status: New => Invalid
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2120265
Title:
Failed to boot up with thunderbolt errors
Status in linux package in Ubuntu:
New
Status in linux-oem-6.14 package in Ubuntu:
New
Status in linux source package in Noble:
Invalid
Status in linux-oem-6.14 source package in Noble:
In Progress
Status in linux source package in Plucky:
Fix Released
Status in linux-oem-6.14 source package in Plucky:
Invalid
Bug description:
[Impact]
During the cold boot test, there is chance to encounter the thunderbolt
errors and stucks the boot up process.
[Fix]
There is a fixes commit for the issue which is included in v6.14.11
0f73628e9da1 thunderbolt: Do not double dequeue a configuration request
Plucky is expected to include this patch in 6.14.0-29.
[Test]
Reboot the system around 100 times and make sure the system could be booted
up without thunderbolt errors.
[Where problems could occur]
The patch is pretty straightforward, I don't see any possible potential
regressions.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2120265/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
